Project Charter

VPN and Two-Factor Login Memo

Colleagues,

The University at Buffalo (UB) houses over 1 million private
information records that are considered regulated and protected
data under FERPA and other mandated policy guidelines.

When equipment that has access to those records is compromised,
and even if unauthorized access can not be proven, it places the
university at a huge financial risk (often exceeding a million
dollars) to conduct mandated investigations and manage subsequent
information and notification campaigns. The risk is real -
Cornell University, University of North Carolina at Chapel Hill and
The Ohio State University have had recent experiences with data
breaches of a significant magnitude.

In order to mitigate this substantial risk, UB is adopting a new
type of virtual private network (VPN) access called
“two-factor authentication” to protect all critical
systems. The HUB (formerly UBSIS) will be the first of
several administrative systems to make use of this tool, which upon
logging into the system, creates a single use password that is
available only for a very short duration. Two-factor
authentication guards against unauthorized access to the HUB and
reduces the risk that a stolen password from a compromised computer
or network can be used to gain access.

Currently, the VPN project manager is working closely with
departmental IT staff to adopt this new software and ensure that
all staff accessing the HUB are appropriately trained in its use.
Your IT support staff have begun the installation of this software,
if they have not reached you as yet, you will be contacted by them
soon to install this software on your UB desktop/laptop.

More information regarding security policies and practices is
available at:

The Student Services Transformation is a university-wide
initiative and continued support from the campus community is a
necessary element to this project. We welcome your feedback at ub-sst@buffalo.edu.